Perl Server Side CGI Scripting Forum

For some time now I have been using javascript to validate HTML forms and Perl to process the data submitted from those forms. I generated the HTML forms using Dreamweaver and stored the forms as HTML files on the server.

I recently ran into a situation where I had to generate forms using CGI scripts and stored on the server as CGI scripts. I wanted to use javascript to validate those forms but ran into problems. I Googled around and found some pertinent stuff on this very forum. There were claims that this was impossible. Some presented examples of code that were claimed to do work, but I found them difficult to understand.

Here is some code which I wrote that works. It is written in a very verbose style so that I, and perhaps others like me, can understand it. I hope you pros will understand and forgive me for that. You could probably rewrite this as a couple of lines.

Here is the Perl code that generates the form and validates the submitted fields using javascript. The name field is required and the guests field gets all commas converted to ampersands so that the name and guests fields can be combined and sent into a csv database (not here). #!/usr/bin/perl -wuse strict;use CGI ':standard';

# I put the javascript in a variable as suggested in the following forum:# http://www.webmasterworld.com/perl/3128782.htmmy $js = qq~<script language="Javascript" type="text/javascript"><!-- Hide script from old browsers

// If we get to here the form should be OK.return(true);}// ################################################################// End hiding script from older browsers--></script>~;# End of the javascript

# This is the path to the script servicing the submitted form.my $path = "http://www.nbyc-cruise.com/cgi-bin/verify-form.cgi"; # Change this to the correct path!

# The lines after the next print statement are html code.# The server will print (send) it to the browser which will interpret it.# The code print << "TERMINATOR"; says print the following until you encounter TREMINATOR again.

There is a problem (potential problem) you are validating your input using only JS, that means at browser level. That's fine but anybody would be able of sending data to your form directly, that's why it's suggested to validate data on the browser side and on the server side as well.

I believe the issue you refer to occurs regardless of whether the form is generated by direct HTML code or by a CGI script generating the HTML code for the form. Am I right?

I have, in the past, used forms generated directly by HTML code, and validated the submitted data by using Javascript before sending the data to the server. I recently found myself needing to generate a form using CGI script, and wanted to validate the submitted data before sending it to the server. Some said that that was impossible, but they were clearly wrong.

You can provide validation rules and it will generate the javascript for validation at the client and also do the server side validation. It works well with Template Toolkit if you want to seperate the logic from the presentation.

The module looks like it is actively being maintained again after a few years of inactivity.

I recently found myself needing to generate a form using CGI script, and wanted to validate the submitted data before sending it to the server. Some said that that was impossible, but they were clearly wrong.

Yes you can generate a form via html or perl->html. But then another script (or the same one) will receive the submitted data. The best approach is to validate the data before sending it to the script and ALSO on the server side before doing any work with it (check for malicious input)